Implementing nonce with styled-jsx for Content Security Policy #15056
Unanswered
KarthikeyanRanasthala
asked this question in
Help
Replies: 1 comment 5 replies
-
@timneutkens Any word here? |
Beta Was this translation helpful? Give feedback.
5 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
The implementation mentioned here in styled-jsx docs uses flushToReact/flushToHTML which used react-dom/server and styled-jsx/server
As next.js has inbuilt support for SSR and styled-jsx, the above mentioned implementation makes no sense. And this example doesn't cover nonce implementation
FYI, I've tried adding nonce to all individual <style jsx> and its getting stripped somehow during the build process.
Having a strong CSP is necessary to mitigate XSS and packet sniffing attacks. So let's discuss on this and figure out a way to do this.
Beta Was this translation helpful? Give feedback.
All reactions